Azure Linux 3.0 Security Update: cmake / libarchive (CVE-2024-48615)

The version of cmake / libarchive installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-48615 advisory. - Null Pointer Dereference vulnerability in libarchive 3.7.6 and earlier when running program bsdt...

Azure Linux 3.0 Security Update: libarchive (CVE-2025-25724)

The version of libarchive installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-25724 advisory. - listitemverbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which...

Azure Linux 3.0 Security Update: moby-engine (CVE-2024-29018)

The version of moby-engine installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-29018 advisory. - Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, an...

Azure Linux 3.0 Security Update: cifs-utils (CVE-2025-2312)

The version of cifs-utils installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-2312 advisory. - A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from...

Azure Linux 3.0 Security Update: c-ares / fluent-bit / grpc / nodejs (CVE-2023-31130)

The version of c-ares / fluent-bit / grpc / nodejs installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-31130 advisory. - c-ares is an asynchronous resolver library. aresinetnetpton is vulnerable to a...

Azure Linux 3.0 Security Update: coredns / ig / keda (CVE-2025-29786)

The version of coredns / ig / keda installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-29786 advisory. - Expr is an expression language and expression evaluation for Go. Prior to version 1.17.0, if th...

Azure Linux 3.0 Security Update: pam (CVE-2024-10041)

The version of pam installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-10041 advisory. - A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger th...

Azure Linux 3.0 Security Update: cri-tools / moby-runc / runc (CVE-2024-45310)

The version of cri-tools / moby-runc / runc installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45310 advisory. - runc is a CLI tool for spawning and running containers according to the OCI...

Azure Linux 3.0 Security Update: nodejs / nodejs18 (CVE-2024-22019)

The version of nodejs / nodejs18 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-22019 advisory. - A vulnerability in Node.js HTTP servers allows an attacker to send a specially crafted HTTP reque...

Azure Linux 3.0 Security Update: php (CVE-2025-1734)

The version of php installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-1734 advisory. - In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when...

Azure Linux 3.0 Security Update: application-gateway-kubernetes-ingress / azcopy / blobfuse2 / cert-manager / coredns / etcd (CVE-2025-30204)

The version of application-gateway-kubernetes-ingress / azcopy / blobfuse2 / cert-manager / coredns / etcd installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-30204 advisory. - golang-jwt is a Go...

Azure Linux 3.0 Security Update: libxslt (CVE-2024-55549)

The version of libxslt installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-55549 advisory. - xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue related to exclusion of result...

Azure Linux 3.0 Security Update: libreswan (CVE-2024-3652)

The version of libreswan installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-3652 advisory. - The Libreswan Project was notified of an issue causing libreswan to restart when using IKEv1 without...

Azure Linux 3.0 Security Update: libreswan (CVE-2023-30570)

The version of libreswan installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-30570 advisory. - pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via...

Azure Linux 3.0 Security Update: php (CVE-2025-1861)

The version of php installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-1861 advisory. - In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when...

Azure Linux 3.0 Security Update: php (CVE-2025-1219)

The version of php installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-1219 advisory. - In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when...

Azure Linux 3.0 Security Update: libdwarf (CVE-2024-2002)

The version of libdwarf installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-2002 advisory. - A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf May try t...

Azure Linux 3.0 Security Update: php (CVE-2025-1217)

The version of php installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-1217 advisory. - In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when...

Azure Linux 3.0 Security Update: libxslt (CVE-2025-24855)

The version of libxslt installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-24855 advisory. - numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath...

Azure Linux 3.0 Security Update: mariadb / mysql (CVE-2025-21490)

The version of mariadb / mysql installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21490 advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions tha...